Hi,I'm getting an error when the process "c:\windows\System32\ClipUp.exe" runs (the windows activation uses this process).My dll skipped the hook when this runs, but I still get this error.The error is ClipUp.exe error which refer to my hook dll (see the attached image).

Ok, after some googling it seems that 0xc0000428 means "The digital signature for this file couldn't be verified". My best guess right now is that Microsoft only accepts DLLs to be loaded in ClipUp.exe which are signed by Microsoft. Does that make sense to you? I suppose one easy workaround would be to add "c:\windows\System32\ClipUp.exe" to the DLL injection exclusion list. Of course that's not nice at all, but I'm not sure what else we could do right now.

I see, I tried it, but still get this errorCurrently I'm checking at the beginning of the DllMain function if the current process is "c:\windows\System32\ClipUp.exe" and return true if so (if no continue with the hook process).

One more question about the uninject function:Currently I'm using "UninjectAllLibrariesW" and pass it only the driver name.Do I need to switch to "UninjectLibraryW" or can I keep use "UninjectAllLibrariesW"?